Reconfigurable Security: Edge Computing-based Framework for IoT

In various scenarios, achieving security between IoT devices is challenging since the devices may have different dedicated communication standards, resource constraints as well as various applications. In this article, we first provide requirements and existing solutions for IoT security. We then introduce a new reconfigurable security framework based on edge computing, which utilizes a near-user edge device, i.e., security agent, to simplify key management and offload the computational costs of security algorithms at IoT devices. This framework is designed to overcome the challenges including high computation costs, low flexibility in key management, and low compatibility in deploying new security algorithms in IoT, especially when adopting advanced cryptographic primitives. We also provide the design principles of the reconfigurable security framework, the exemplary security protocols for anonymous authentication and secure data access control, and the performance analysis in terms of feasibility and usability. The reconfigurable security framework paves a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication

Impacts of S1 and X2 Interfaces on eMBMS Handover Failure: Solution and Performance Analysis

In evolved Multimedia Broadcast/Multicast Service (eMBMS), service continuity enables users move from one cell to another without interrupting eMBMS service. Unlike traditional handover in unicast transmission, a UE can receive eMBMS service in either unicast or multicast mode. In this paper, we point out a new handover failure problem in eMBMS due to the miss of rekeying information. We first take a close look at the new handover scenarios. We then investigate the problem by using comprehensive mathematical models. Our models provide insights on the new handover problem and introduce theoretical guidelines for mobile operators to design and optimize their networks without wide deployment to save cost and time. Moreover, we propose a solution to combat against the handover failure. Both the simulation and analytical results demonstrate that the impacts of the eMBMS handover failure are reduced significantly. In this paper, we present a systematic way to investigate the handover failure problem in eMBMS

Congestion Control for Machine-Type Communications in LTE-A Networks

Collecting data from a tremendous amount of Internet-of-Things (IoT) devices for next generation networks is a big challenge. A large number of devices may lead to severe congestion in Radio Access Network (RAN) and Core Network (CN). 3GPP has specified several mechanisms to handle the congestion caused by massive amounts of devices. However, detailed settings and strategies of them are not defined in the standards and are left for operators. In this paper, we propose two congestion control algorithms which efficiently reduce the congestion. Simulation results demonstrate that the proposed algorithms can achieve 20~40% improvement regarding accept ratio, overload degree and waiting time compared with those in LTE-A

Design and Analysis of Deadline and Budget Constrained Autoscaling (DBCA) Algorithm for 5G Mobile Networks

In cloud computing paradigm, virtual resource autoscaling approaches have been intensively studied recent years. Those approaches dynamically scale in/out virtual resources to adjust system performance for saving operation cost. However, designing the autoscaling algorithm for desired performance with limited budget, while considering the existing capacity of legacy network equipment, is not a trivial task. In this paper, we propose a Deadline and Budget Constrained Autoscaling (DBCA) algorithm for addressing the budget-performance tradeoff. We develop an analytical model to quantify the tradeoff and cross-validate the model by extensive simulations. The results show that the DBCA can significantly improve system performance given the budget upper-bound. In addition, the model provides a quick way to evaluate the budget-performance tradeoff and system design without wide deployment, saving on cost and time

Proportional and Preemption-enabled Traffic Offloading for IP Flow Mobility:Algorithms and Performance Evaluation

IP Flow Mobility (IFOM) enables a user equipment to offload data traffic at the IP flow level. Although the procedure of IFOM-based flow offloading has been specified by 3GPP, how many IP flows should be offloaded and when offloading should be performed are not defined. Consequently, IP flows may be routed to a target access network which has a strong signal strength but with backhaul congestion or insufficient access capability. In this paper, we propose two algorithms, referred to as proportional offloading (PO), and proportional and preemption-enabled offloading (PPO), respectively, for IP flow offloading in hybrid cellular and wireless local area networks. The PO algorithm decides an optimal proportion of IP flows which could be offloaded by considering available resources at the target access network. In the PPO algorithm, both service continuity and network utilization are taken into consideration. Furthermore, a detailed analytical model is developed in order to evaluate the behavior of the proposed algorithms. The analytical model is validated through extensive simulations. The results show that by dynamically adjusting the percentage of traffic flows to be offloaded, PO can reduce blocking probability and increase resource utilization. PPO further improves the performance at the cost of slightly higher offloading overhead

How to Reduce Unexpected eMBMS Session Disconnection: Design and Performance Analysis

In 3GPP eMBMS, sometimes sessions will be disconnected unexpectedly due to the miss of session keys. Although rekeying can prevent old users from getting multicast data, it also causes authorized users to miss subsequent data if they miss the key update messages. Thus, re-authentication is needed to obtain lost keys from KMM. We point out this problem in our previous work 1. In this paper, we further propose a new KeySet algorithm, which can pre-issue a number of keys to users when they join eMBMS. The advantage is that a user can still decode multicast data even if it misses some key updates tentatively. However, the cost is that allowing some old users to freely enjoying multicast for some time. In this paper, we quantify the tradeoff and derive the optimal case

Multi-Slot Allocation Protocols for Massive IoT Devices with Small-Size Uploading Data

The emergence of Internet of Things applications introduces new challenges such as massive connectivity and small data transmission. In traditional data transmission protocols, an ID (i.e., IP address or MAC address) is usually included in a packet so that its receiver is able to know who sent the packet. However, this introduces the big head-small body problem for light payload. To address this problem, the Hint protocols have been proposed. The main idea is to 'encode' information in a tiny broadcast Hint message that allows devices to 'decode' their transmission slots. Thus, it can significantly reduce transmission and contention overheads. In this letter, we extend eHint to support multi-slot data transmissions. Several efficient protocols are proposed. Our simulation results validate that the protocols can significantly increase the number of successfully transmitted devices, channel utilization, and payload of transmitted devices compared with eHint

Dynamic Auto Scaling Algorithm (DASA) for 5G Mobile Networks

Network Function Virtualization (NFV) enables mobile operators to virtualize their network entities as Virtualized Network Functions (VNFs), offering fine-grained on-demand network capabilities. VNFs can be dynamically scale-in/out to meet the performance desire and other dynamic behaviors. However, designing the auto-scaling algorithm for desired characteristics with low operation cost and low latency, while considering the existing capacity of legacy network equipment, is not a trivial task. In this paper, we propose a VNF Dynamic Auto Scaling Algorithm (DASA) considering the tradeoff between performance and operation cost. We develop an analytical model to quantify the tradeoff and validate the analysis through extensive simulations. The results show that the DASA can significantly reduce operation cost given the latency upper-bound. Moreover, the models provide a quick way to evaluate the cost- performance tradeoff and system design without wide deployment, which can save cost and time